Some questions about pbx and gui.

VitalPBX Community Support General Discussion Some questions about pbx and gui.

  • Post
    • March 27, 2018 at 2:05 am
    lightvik
    Participant
    Up
    0
    Down

    1) that product have irc channel?

    2)In vps script maybe need add:

    yum -y install NetworkManager

    systemctl enable NetworkManager  

    systemctl start NetworkManager  

    3) i have a trouble, i want use pbx in vps with chan-sip only (no pjsip) + tls only on 5061 port + srtp. how to do it? i try config via gui but have no idea how to do it.

    0
Viewing 14 replies - 1 through 14 (of 14 total)
  • Replies
    • March 27, 2018 at 6:27 am
    lightvik
    Participant
    Up
    0
    Down

    So, i found a bug!

    when i use letsencrypt certificate it works well with webgui but not work when i use chan-sip tls.

    tcp 0 0 127.0.0.1:5063 0.0.0.0:* LISTEN 1369/asterisk
    tcp 0 0 127.0.0.1:5062 0.0.0.0:* LISTEN 1369/asterisk
    udp 0 0 0.0.0.0:5060 0.0.0.0:* 1369/asterisk
    udp 0 0 127.0.0.1:5062 0.0.0.0:* 1369/asterisk

    but if i use self-signed certificate it works well.

    tcp 0 0 127.0.0.1:5063 0.0.0.0:* LISTEN 1369/asterisk
    tcp 0 0 0.0.0.0:5061 0.0.0.0:* LISTEN 1369/asterisk
    tcp 0 0 127.0.0.1:5062 0.0.0.0:* LISTEN 1369/asterisk
    udp 4864 0 0.0.0.0:5060 0.0.0.0:* 1369/asterisk
    udp 0 0 127.0.0.1:5062 0.0.0.0:* 1369/asterisk

    0
    • March 27, 2018 at 8:40 am
    lightvik
    Participant
    Up
    0
    Down

    not working config:

    tlscertfile=/usr/share/ombutel/certificates/pbx2.raven.kz/bundle.pem
    tlscafile=/usr/share/ombutel/certificates/pbx2.raven.kz/chain.pem

    working config(self-signed) :

    tlscertfile=/usr/share/ombutel/certificates/pbx.raven.kz.pem
    tlscafile=/usr/share/ombutel/certificates/ca.crt

     

    0
    • April 1, 2018 at 9:51 pm
    Jose Miguel Rivera
    Keymaster
    NI
    Up
    0
    Down

    Thanks For reporting it, we will check it.

    0
    • March 6, 2020 at 3:56 pm
    jrosetto
    Participant
    Up
    0
    Down

    @ing-joserivera26

    DId you ever get anywhere with this.  I would like to use TLS with letsencrypt but after generating the cert the PBX isn’t listening on 5063 anymore for PJSIP TLS.  5062 is unaffected.

     

    0
    • March 6, 2020 at 4:01 pm
    Jose Miguel Rivera
    Keymaster
    NI
    Up
    0
    Down

    You must create a new PJSIP profile that uses as transport TLS.

    0
    • March 6, 2020 at 4:12 pm
    jrosetto
    Participant
    Up
    0
    Down

    @ing-joserivera26

    Created the profile PJSIP and enabled TLS but running ‘lsof -i -P -n | grep 5063’ still comes up blank.  Anything else I need to do?

     

    0
    • March 6, 2020 at 4:23 pm
    Jose Miguel Rivera
    Keymaster
    NI
    Up
    0
    Down

    Assign the certificate on PJSIP settings, select the SSL Method.

    After this, go to the Asterisk console, and reload the PJSIP driver, and check if the output returns any error or warning.

    module reload res_pjsip.so
    0
    • March 6, 2020 at 4:38 pm
    jrosetto
    Participant
    Up
    0
    Down

    @ing-joserivera26

    Getting closer…  Here are the errors

    [2020-03-06 11:35:39] ERROR[9044]: config_options.c:798 aco_process_var: Error parsing method=tlsv3 at line 49 of /etc/asterisk/ombutel/pjsip__20-transport.conf
    [2020-03-06 11:35:39] ERROR[9044]: res_sorcery_config.c:407 sorcery_config_internal_load: Could not create an object of type ‘transport’ with id ‘transport-tls’ from configuration file ‘pjsip.conf’
    [2020-03-06 11:35:39] NOTICE[9044]: res_sorcery_config.c:418 sorcery_config_internal_load: Retaining existing configuration for object of type ‘transport’ with id ‘transport-tls’

    That line in the config is going to

    [transport-wss]

    It is listening at this point but I am unable to register over TLS.

     

    0
    • March 6, 2020 at 4:50 pm
    Jose Miguel Rivera
    Keymaster
    NI
    Up
    0
    Down

    What SSL Method do you have on the PJSIP Settings?

    0
    • March 6, 2020 at 4:52 pm
    jrosetto
    Participant
    Up
    0
    Down
    0
    • March 6, 2020 at 4:53 pm
    Jose Miguel Rivera
    Keymaster
    NI
    Up
    0
    Down

    try changing it to tlsv1

    0
    • March 6, 2020 at 5:05 pm
    jrosetto
    Participant
    Up
    0
    Down

    @ing-joserivera26

    That stopped the errors and I can register on the phone side.  But on the asterisk side the extension shows as unavailable.

     

    0
    • March 6, 2020 at 5:08 pm
    Jose Miguel Rivera
    Keymaster
    NI
    Up
    0
    Down

    Check the contact URI

    0
    • March 6, 2020 at 5:12 pm
    jrosetto
    Participant
    Up
    0
    Down

    @ing-joserivera26

    Ah I got it.  I had to change the profile to the new one I created on the extension.  Everything seems to be working as intended.  Thanks for your help.  I owe you one.

     

    0
Viewing 14 replies - 1 through 14 (of 14 total)
  • The forum ‘General Discussion’ is closed to new topics and replies.